Documents

PCNSE_Study_Guide for PCNSE Version 8

Description
Paloalto Study Guide for PCNSE version 8
Categories
Published
of 133
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Transcript
    PALO ALTO NETWORKS PCNSE STUDY GUIDE February 2018   Palo Alto Networks, Inc. www.paloaltonetworks.com © 2016-2018 Palo Alto Networks – all rights reserved. Aperture, AutoFocus, GlobalProtect, Palo Alto Networks, PAN-OS, Panorama, Traps, and WildFire are trademarks of Palo Alto Networks, Inc. All other trademarks are the property of their respective owners.   3 © 2018 Palo Alto Networks, Inc. ontents Palo Alto Networks PCNSE Study Guide ....................................................................................................... 7 Overview ................................................................................................................................................... 7 Exam Details .......................................................................................................................................... 7 Intended Audience ................................................................................................................................ 7 Qualifications ........................................................................................................................................ 7 Skills Required ....................................................................................................................................... 8 Recommended Training ........................................................................................................................ 8 Disclaimer .............................................................................................................................................. 8 Exam Domain 1 – Plan ............................................................................................................................ 10 Identify how the Palo Alto Networks products work together to detect and prevent threats. ......... 10 Given a scenario, identify how to design an implementation of the firewall to meet business requirements leveraging the Palo Alto Networks Security Platform. ................................... 11 Given a scenario, identify how to design an implementation of firewalls in High Availability to meet business requirements leveraging the Palo Alto Networks Security Platform. ..................... 16 Identify the appropriate interface type and configuration for a specified network deployment. ..... 18 Identify how to use template stacks for administering Palo Alto Networks firewalls as a scalable solution using Panorama. ...................................................................................................... 24 Identify how to use device group hierarchy for administering Palo Alto Networks firewalls as a scalable solution using Panorama. ........................................................................................ 27 Identify options to deploy Palo Alto Networks firewalls in a private cloud (VM-Series). .................. 30 Given a scenario, identify ways to mitigate resource exhaustion (because of denial-of-service) in application servers. ................................................................................................................ 32 Identify decryption deployment strategies. ....................................................................................... 34 Identify the impact of application override to the overall functionality of the firewall. .................... 38 Identify the methods of User--ID redistribution ................................................................................. 40 Exam Domain 2 – Deploy and Configure ................................................................................................ 41 Identify the application meanings in the Traffic log (incomplete, insufficient data, non-syn TCP, not applicable, unknown TCP, unknown UDP, and unknown P2P). ............................................ 41 Given a scenario, identify the set of Security Profiles that should be used. ...................................... 41 Identify the relationship between URL filtering and credential theft prevention. ............................. 42 Identify differences between services and applications ..................................................................... 43 Identify how to create security rules to implement App-ID without relying on port-based rules. .... 43   4 © 2018 Palo Alto Networks, Inc. Identify the required settings and steps necessary to provision and deploy a next-generation firewall. .................................................................................................................................. 44 Identify various methods for Authentication, Authorization, and Device Administration within a firewall. .................................................................................................................................. 45 Identify how to configure and maintain certificates to support firewall features. ............................ 46 Identify how to configure a virtual router. ......................................................................................... 46 Identify the configuration settings for site-to-site VPN. ..................................................................... 49 Identify the configuration settings for GlobalProtect. ........................................................................ 50 Identify how to configure items pertaining to denial-of-service protection and zone protection. ... 53 Identify how to configure features of the NAT rulebase. ................................................................... 53 Given a configuration example including DNAT, identify how to configure security rules. ............... 54 Identify how to configure decryption. ................................................................................................ 55 Given a scenario, identify an application override configuration and use case. ................................ 56 Identify how to configure VM-Series firewalls for deployment. ........................................................ 56 Exam Domain 3 – Operate ...................................................................................................................... 57 Identify considerations for configuring external log forwarding. ....................................................... 57 Interpret log files, reports, and graphs to determine traffic and threat trends. ................................ 62 Identify scenarios in which there is a benefit from using custom signatures. ................................... 68 Given a scenario, identify the process to update a Palo Alto Networks system to the latest version of the software. ..................................................................................................................... 69 Identify how configuration management operations are used to ensure desired operational state of stability and continuity. ......................................................................................................... 71 Identify the settings related to critical HA functions (link monitoring; path monitoring; HA1, HA2, and HA3 functionality; HA backup links; and differences between A/A and A/P). ............... 71 Identify the sources of information pertaining to HA functionality. .................................................. 72 Identify how to configure the firewall to integrate with AutoFocus and verify its functionality. ...... 73 Identify the impact of deploying dynamic updates. ........................................................................... 74 Identify the relationship between Panorama and devices as it pertains to dynamic updates versions and policy implementation and/or HA peers. ....................................................................... 75 Exam Domain 4 – Configuration Troubleshooting .................................................................................. 76 Identify system and traffic issues using WebUI and CLI tools. ........................................................... 76 Given a session output, identify the configuration requirements used to perform a packet capture. ............................................................................................................................................... 77 Given a scenario, identify how to troubleshoot and configure interface components. .................... 79 Identify how to troubleshoot SSL decryption failures. ....................................................................... 82

AI Lecture 2

Apr 16, 2018

Class-VI-v1.pdf

Apr 16, 2018
Search
Tags
Related Search
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks